Contents

Dell PowerProtect 18.2 Data Protection Getting Started Guide PDF

1 of 46
1 of 46

Summary of Content for Dell PowerProtect 18.2 Data Protection Getting Started Guide PDF

Dell EMC IDPA System Manager Version 18.2

Getting Started Guide 302-005-311

REV 01

Copyright 2017-2019 Dell Inc. or its subsidiaries. All rights reserved.

Published January 2019

Dell believes the information in this publication is accurate as of its publication date. The information is subject to change without notice.

THE INFORMATION IN THIS PUBLICATION IS PROVIDED AS-IS. DELL MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND

WITH RESPECT TO THE INFORMATION IN THIS PUBLICATION, AND SPECIFICALLY DISCLAIMS IMPLIED WARRANTIES OF

MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. USE, COPYING, AND DISTRIBUTION OF ANY DELL SOFTWARE DESCRIBED

IN THIS PUBLICATION REQUIRES AN APPLICABLE SOFTWARE LICENSE.

Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries. Other trademarks may be the property of their respective owners.

Published in the USA.

Dell EMC Hopkinton, Massachusetts 01748-9103 1-508-435-1000 In North America 1-866-464-7381 www.DellEMC.com

2 IDPA System Manager 18.2 Getting Started Guide

Preface 5

Overview 9 IDPA System Manager overview................................................................. 10 Environment and system requirements ....................................................... 11 Monitoring systems ....................................................................................12 Managing Avamar systems .........................................................................12 Search and recover capabilities...................................................................13 Report capabilities...................................................................................... 13

Deployment and Configuration 15 Check the network setup with each system................................................16 Deploy IDPA System Manager as an Open Virtualization Appliance.............17 Deploy IDPA System Manager on a standalone server or virtual machine .... 19 Verify the deployment................................................................................ 20 Configuring LDAP .......................................................................................21

Configure LDAP or AD user access................................................ 21 Add LDAP or AD while deploying IDPA System Manager................21 Add LDAP or AD after deploying IDPA System Manager................23 Add a secure LDAP (LDAPS) certificate........................................26 Verify the LDAP or AD connection status...................................... 27

Configuring Network Time Protocol........................................................... 29 Configuring Network Time Protocol during IDPA System Manager OVA deployment............................................................................29 Configuring Network Time Protocol after IDPA System Manager deployment....................................................................................29

Access control............................................................................................30 Pre-loaded accounts......................................................................30

Certificate management.............................................................................30 Generate a self-signed certificate............................................................... 31 Generate a Certificate Signing Request...................................................... 31

Getting Started with Administration 33 Log in to IDPA System Manager................................................................. 34 User interface.............................................................................................34

Header...........................................................................................34 User menu..................................................................................... 34 Left menu...................................................................................... 35 Pages............................................................................................ 35 Master and Detail panes................................................................ 35 Changing dashboards.................................................................... 36 Filtering......................................................................................... 36 Sort information that is displayed in tables.................................... 37 Dialog boxes...................................................................................37 Notification bar..............................................................................37 Overflow button............................................................................ 38

Dashboards overview..................................................................................38

Chapter 1

Chapter 2

Chapter 3

CONTENTS

IDPA System Manager 18.2 Getting Started Guide 3

Health overview..........................................................................................38 Alerts overview...........................................................................................38 Capacity overview...................................................................................... 39 Activities overview..................................................................................... 39 Audit overview............................................................................................39 System management overview...................................................................39 Search and recover overview..................................................................... 39 Reports overview....................................................................................... 40

Adding Systems to IDPA System Manager 41 Add an Avamar system............................................................................... 42 Add a Data Domain System........................................................................ 43 Add a Data Protection Advisor system....................................................... 43 Add a Search system.................................................................................. 44

Chapter 4

CONTENTS

4 IDPA System Manager 18.2 Getting Started Guide

Preface

As part of an effort to improve product lines, periodic revisions of software and hardware are released. Therefore, all versions of the software or hardware currently in use might not support some functions that are described in this document. The product release notes provide the most up-to-date information on product features.

If a product does not function correctly or does not function as described in this document, contact a technical support professional.

Purpose This document includes information about how to deploy IDPA System Manager, and then get started with IDPA System Manager administration.

Audience This document is intended for administrators of IDPA System Manager.

Revision history The following table presents the revision history of this document.

Table 1 Revision history

Revision Date Description

01 January 31, 2019 First release of the IDPA System Manager 18.2 Getting Started Guide.

Related Documentation For information about IDPA System Manager compatibility, refer to the IDPA System Manager Release Notes.

The IDPA System Manager documentation set includes the following publications:

l IDPA System Manager Getting Started Guide

l IDPA System Manager Security Configuration Guide

l IDPA System Manager Release Notes

l IDPA System Manager Administration Guide

The documentation for the following products includes more information:

l Avamar

l Data Domain

l Search

l Data Protection Advisor

Special notice conventions that are used in this document The following conventions are used for special notices:

NOTICE

Identifies content that warns of potential business or data loss.

Preface 5

Note

Contains information that is incidental, but not essential, to the topic.

Typographical conventions The following type style conventions are used in this document:

Table 2 Style conventions

Bold Used for interface elements that a user specifically selects or clicks, for example, names of buttons, fields, tab names, and menu paths. Also used for the name of a dialog box, page, pane, screen area with title, table label, and window.

Italic Used for full titles of publications that are referenced in text.

Monospace Used for:

l System code

l System output, such as an error message or script

l Pathnames, file names, file name extensions, prompts, and syntax

l Commands and options

Monospace italic Used for variables.

Monospace bold Used for user input.

[ ] Square brackets enclose optional values.

| Vertical line indicates alternate selections. The vertical line means or for the alternate selections.

{ } Braces enclose content that the user must specify, such as x, y, or z.

... Ellipses indicate non-essential information that is omitted from the example.

You can use the following resources to find more information about this product, obtain support, and provide feedback.

Where to find product documentation

l https://www.dell.com/support

l https://community.emc.com

Where to get support The Support website https://www.dell.com/support provides access to product licensing, documentation, advisories, downloads, and how-to and troubleshooting information. The information can enable you to resolve a product issue before you contact Support.

To access a product-specific page:

1. Go to https://www.dell.com/support.

2. In the search box, type a product name, and then from the list that appears, select the product.

Knowledgebase The Knowledgebase contains applicable solutions that you can search for either by solution number (for example, KB000xxxxxx) or by keyword.

Preface

6 IDPA System Manager 18.2 Getting Started Guide

To search the Knowledgebase:

1. Go to https://www.dell.com/support.

2. On the Support tab, click Knowledge Base.

3. In the search box, type either the solution number or keywords. Optionally, you can limit the search to specific products by typing a product name in the search box, and then selecting the product from the list that appears.

Live chat To participate in a live interactive chat with a support agent:

1. Go to https://www.dell.com/support.

2. On the Support tab, click Contact Support.

3. On the Contact Information page, click the relevant support, and then proceed.

Service requests To obtain in-depth help from Licensing, submit a service request. To submit a service request:

1. Go to https://www.dell.com/support.

2. On the Support tab, click Service Requests.

Note

To create a service request, you must have a valid support agreement. For details about either an account or obtaining a valid support agreement, contact a sales representative. To get the details of a service request, in the Service Request Number field, type the service request number, and then click the right arrow.

To review an open service request:

1. Go to https://www.dell.com/support.

2. On the Support tab, click Service Requests.

3. On the Service Requests page, under Manage Your Service Requests, click View All Dell Service Requests.

Online communities For peer contacts, conversations, and content on product support and solutions, go to the Community Network https://community.emc.com. Interactively engage with customers, partners, and certified professionals online.

How to provide feedback Feedback helps to improve the accuracy, organization, and overall quality of publications. You can send feedback to DPAD.Doc.Feedback@emc.com.

Preface

7

Preface

8 IDPA System Manager 18.2 Getting Started Guide

CHAPTER 1

Overview

Learn about IDPA System Manager.

This chapter contains the following sections:

l IDPA System Manager overview.........................................................................10 l Environment and system requirements ...............................................................11 l Monitoring systems ........................................................................................... 12 l Managing Avamar systems ................................................................................ 12 l Search and recover capabilities.......................................................................... 13 l Report capabilities.............................................................................................. 13

Overview 9

IDPA System Manager overview IDPA System Manager provides a solution for data protection administrators who manage multiple independent data protection applications and storage devices.

When you work with multiple data protection applications, operational monitoring and management can be a complex, time consuming effort.

IDPA System Manager enables administrators to efficiently and effectively monitor and manage the software products within the Data Protection Suite family from a single user interface, simplifying the entire data protection experience.

IDPA System Manager includes the following features:

Comprehensive dashboards IDPA System Manager has a comprehensive and customizable dashboard for at-a- glance monitoring of systems and activities. IDPA System Manager supports up to 20 dashboards per user.

Avamar system monitoring and management IDPA System Manager supports a maximum combination of 200 Avamar systems.

When you add an Avamar system to IDPA System Manager, you can perform the following tasks:

l Launch Avamar Administrator or the AUI, using Single-Sign On (SSO) for supported versions.

l Monitor system health status and any alerts from the system.

l Monitor storage capacity usage.

l Monitor backup and replication activities at the Avamar job level.

l Monitor backup and replication activities at the Avamar asset level. Assets are virtual machines or plugins on the Avamar system.

l Rerun failed backup and replication activities at the job or asset level.

l Manage and run Avamar protection policies.

Data Domain system monitoring IDPA System Manager supports adding up to 80 Data Domain systems.

When you add a Data Domain system to IDPA System Manager, you can perform the following tasks:

l Launch Data Domain System Manager.

l Monitor system health status and any alerts from the system.

l Monitor storage capacity usage.

Search integration IDPA System Manager supports adding a single Search system.

When you integrate Search with IDPA System Manager, you can perform the following tasks:

l Launch Search Web User Interface, using Single-Sign On (SSO) for supported versions.

l Perform complex search and recover operations.

Data Protection Advisor integration IDPA System Manager supports adding a single Data Protection Advisor system.

Overview

10 IDPA System Manager 18.2 Getting Started Guide

When you integrate Data Protection Advisor with IDPA System Manager, you can perform the following tasks:

l Launch DPA Web Console, using Single-Sign On (SSO) for supported versions.

l Run 11 of the most used Data Protection Advisor reports on Avamar and Data Domain systems.

Environment and system requirements The following list includes information about environment and system requirements:

l To deploy the IDPA System Manager OVA, you must use VMware vCenter with VMware ESX 5.5 or later. The IDPA System Manager OVA does not deploy directly to the ESXi server.

l The IDPA System Manager host must have a minimum of 4 CPUs, 8 GB of RAM, and 550 GB of disk space available.

l The FQDN, IP, Netmask, NTP, Gateway, DNS, and time zone must be configured. The FQDN must resolve to the IP address.

l The environment must use static network settings.

l IDPA System Manager requires a minimum browser window size of 1366x768.

l Ensure that the DNS is set up correctly. The correct DNS setup ensures that systems can resolve the IDPA System Manager hostname and FQDN name.

l IDPA System Manager is compatible with VMware vSphere Fault Tolerance (FT), VMware vSphere High Availability (HA), and VMware vSphere vMotion.

l It is highly recommended that the ESXi server for the VMware environment where IDPA System Manager is deployed is protected from unexpected power outages with an uninterrupted power supply device.

Note

If you must power off the IDPA System Manager virtual machine, do not use the Power off the virtual machine feature in vCenter. Instead, shut down the machine gracefully with the Shut Down Guest OS button or the shutdown -h now bash shell command.

The following table includes information about the minimum versions of products that are supported with IDPA System Manager:

Table 3 Compatibility

Product Supported versions

Avamar 7.5.0-183_HF300003 hotfix

7.5.1-101_HF298709_27 hotfix

18.1

18.2

Data Domain 6.0

6.1

6.1.1

Overview

Environment and system requirements 11

Table 3 Compatibility (continued)

Product Supported versions

6.1.2

6.2

Data Protection Advisor 6.5

18.1

18.2

Search 1.1 SP3

18.1

18.2

Mozilla Firefox Latest version

Google Chrome Latest version

Monitoring systems IDPA System Manager includes system monitoring features.

The systems monitoring features include:

l Job Activities: Monitor backup and replication activities at the job-level for Avamar systems.

l Asset Activities: Monitor backup and replication activities at the asset-level within jobs for Avamar systems.

l Health: Monitor the health status for Avamar and Data Domain systems.

l Alerts: Monitor alerts originating from Avamar and Data Domain systems.

l Capacity: Monitor capacity usage for Avamar and Data Domain systems.

Note

If a Data Domain system is configured in a monitored Avamar system, the Data Domain system is automatically added as a monitored system. However, you must add the Data Domain system credentials to IDPA System Manager to enable the full system monitoring features.

Managing Avamar systems For Avamar systems, IDPA System Manager includes policy management and client management capabilities.

IDPA System Manager includes the following Policy Management capabilities:

l View, add, edit, and delete policies, retentions, schedules, and datasets.

l Add clients and proxies to policies.

l Perform a backup of a policy.

l Rerun a backup or replication activity.

Overview

12 IDPA System Manager 18.2 Getting Started Guide

IDPA System Manager includes the capability for you to view existing clients that are associated with an Avamar system.

Search and recover capabilities IDPA System Manager integrates with Search to provide you with the ability to perform complex search and recover operations.

IDPA System Manager launches Search in a new browser tab.

After launching Search, you can perform the following tasks:

l Perform a targeted full content index (FCI) search.

l Search for files by name, location, size, owner, file type, and date.

l Perform advanced search queries including symbols, wildcards, filters, and operators.

l From the Search Results page:

n View a preview of the content.

n Download content.

n Recover content.

n Review the size of files or directories.

For comprehensive information about Search, refer to the Search documentation set.

Note

To take full advantage of IDPA System Manager capabilities, it is recommended that all systems that are configured in Search also be configured in IDPA System Manager.

Report capabilities IDPA System Manager provides the capability for you to run 11 of the most used Data Protection Advisor reports for Avamar and Data Domain systems.

IDPA System Manager reporting features require you to have Data Protection Advisor in the environment. For more information about Data Protection Advisor, refer to the Data Protection Advisor documentation set.

You can run, and then view these reports directly in the IDPA System Manager user interface. You can also specify the reporting period for these reports within the IDPA System Manager interface.

Note

To take full advantage of IDPA System Manager capabilities, it is recommended that all systems that are configured in Data Protection Advisor also be configured in IDPA System Manager.

Overview

Search and recover capabilities 13

Overview

14 IDPA System Manager 18.2 Getting Started Guide

CHAPTER 2

Deployment and Configuration

Learn about how to deploy and configure IDPA System Manager.

Topics include:

l Check the network setup with each system....................................................... 16 l Deploy IDPA System Manager as an Open Virtualization Appliance.................... 17 l Deploy IDPA System Manager on a standalone server or virtual machine .......... 19 l Verify the deployment........................................................................................20 l Configuring LDAP .............................................................................................. 21 l Configuring Network Time Protocol...................................................................29 l Access control................................................................................................... 30 l Certificate management.....................................................................................30 l Generate a self-signed certificate.......................................................................31 l Generate a Certificate Signing Request..............................................................31

Deployment and Configuration 15

Check the network setup with each system Before deploying the IDPA System Manager OVA, ensure that the network setup with each Avamar, Data Domain, and Data Protection Advisor system is correct.

Procedure

1. Ensure that the time on the system is set correctly.

For successful activation certificates, the time that appears on the system must be in sync with IDPA System Manager.

It is recommended that IDPA System Manager and all the systems that IDPA System Manager monitors be configured with a Network Time Protocol (NTP) server. This configuration helps keep the system times in sync. Configuring Network Time Protocol on page 29 provides more information about configuring an NTP server.

2. Find out the IDPA System Manager DNS hostname and domain name.

3. Check if the system is on the same domain as IDPA System Manager.

If the system is on the same domain, ensure that the DNS entry and search domain values are set.

If the system is on a different domain, add the IDPA System Manager DNS entry through the yast2 command, or by editing the /etc/resolv.conf file on the system.

4. To check whether the system can resolve the IDPA System Manager hostname and IP address, use the nslookup command.

Type the following command:

nslookup

Type the following command:

nslookup

5. Check whether the hostname resolves correctly.

If the hostname resolves correctly, the network setup is correctly configured. Otherwise, check all previously entered values.

6. Verify that the IDPA System Manager entry in the /etc/hosts file includes the short name, for example:

10.x.x.x dpc.domain.local dpc

Deployment and Configuration

16 IDPA System Manager 18.2 Getting Started Guide

Deploy IDPA System Manager as an Open Virtualization Appliance

Deploy the IDPA System Manager Open Virtualization Appliance (OVA) using a VMware vSphere client. Refer to the VMware documentation for specific information regarding how to deploy an OVF template.

Before you begin

Ensure that the following system requirements are met:

l The DNS is set up correctly. The correct DNS set up ensures that systems monitored by IDPA System Manager can resolve the IDPA System Manager hostname and Fully Qualified Domain Name (FQDN).

l VMware vCenter with VMware ESX 5.5 or later is deployed. To deploy the IDPA System Manager OVA, you must use vCenter. The IDPA System Manager OVA does not deploy directly to the ESXi server.

l A minimum of 4 CPUs and 8 GB of RAM.

l 550 GB of disk space available.

l The FQDN, IP, Netmask, Gateway, DNS, NTP, and time zone are configured. The FQDN must resolve to the IP address.

l The environment is using static network settings.

l It is highly recommended that the ESXi server for the VMware environment where IDPA System Manager is deployed is protected from unexpected power outages with an uninterrupted power supply device.

Note

If you must power off the IDPA System Manager virtual machine, do not use the Power off the virtual machine feature in vCenter. Instead, shut down the machine gracefully with the Shut Down Guest OS button or the shutdown -h now bash shell command.

Procedure

1. Log in to vCenter using the vSphere client.

2. Specify an ESXi server on which to deploy the OVF.

3. Begin deploying an OVF template.

4. Type the file or URL location.

5. Verify the OVF template details match the version of IDPA System Manager that is to be deployed.

6. Accept the end user license agreement.

7. Specify the name and location of the IDPA System Manager virtual machine.

8. Select the virtual disk format.

When selecting the virtual disk format, the Thick Provision Lazy Zeroed option is recommended.

9. Specify network properties:

a. For the Network IP address, specify the IPv4 address or IPv6 address for the virtual appliance.

Deployment and Configuration

Deploy IDPA System Manager as an Open Virtualization Appliance 17

Note

For IPv6 addresses, to resolve the hostname of the appliance to the IP address, use the nslookup command. Specify the IPv6 address in the format that appears in the nslookup output.

b. For the Default Gateway, specify the default gateway IPv4 address or IPv6 address that you want the virtual appliance to use.

c. For the Network Netmask/Prefix, when you use IPv4 addressing, specify the netmask of the virtual appliance. When you use IPv6 addressing specify the prefix length.

10. Specify DNS Settings:

a. For the DNS, specify up to three domain name servers for this virtual appliance.

Separate domain names with commas.

b. For the FQDN [e.g. hostname.domain], specify the FQDN for the virtual appliance.

Note

Ensure that you correctly configure hostname resolution for the name of the appliance. Forward and reverse lookups must succeed.

11. In the NTP Server field, specify up to three Network Time Protocol (NTP) servers.

Separate server names with commas.

12. Specify Operation System User Passwords:

a. Under Configure OS root password, specify the password for the Linux OS root account.

The operating system root account is for OVA deployment only.

b. Under Configure OS admin password, specify the password for the Linux OS admin.

The operating system admin account is the default user for IDPA System Manager operating system administration.

The OS root and OS admin password length must be between 8 and 256 characters.

13. In Lockbox Settings, under Configure lockbox password, specify a Master password for the IDPA System Manager lockbox.

The lockbox password length must be between 8 and 256 characters.

IDPA System Manager uses a lockbox to encrypt and store the credentials of the systems it monitors. This password is used along with certain System Stable Values (SSVs) to create an encryption key.

14. Under Location Settings, select the timezone of the IDPA System Manager virtual machine.

Deployment and Configuration

18 IDPA System Manager 18.2 Getting Started Guide

15. (Optional) Configure LDAP.

Add LDAP or AD while deploying IDPA System Manager on page 21 provides the steps to configure LDAP while deploying the OVA.

16. Validate the information that you specified, and then complete the deployment of the IDPA System Manager OVF.

Deploy IDPA System Manager on a standalone server or virtual machine

IDPA System Manager can be installed on a server or virtual machine using a self- extracting .jar file.

Before you begin

Ensure that the following minimum system requirements are met:

l Standalone server deployments require 1.5GHz processor.

l Virtual machine deployments require 4 CPUs with 1 core each.

l 8GB of RAM.

l 550 GB of disk space available.

l The environment is running SuSE Linux Enterprise Server 12 SP2. It is recommended that you disable AppArmor. If you must enable AppArmor, then the AppArmor profiles should not block the applications used by IDPA System Manager.

l Java Platform Standard Edition Development Kit (JDK) version 8u181 or greater is installed, including the following packages:

n javapackages-tools-2.0.1-8.1.x86_64

n java-1_8_0-openjdk-headless-1.8.0.181-27.26.2.x86_64

n java-1_8_0-openjdk-1.8.0.181-27.26.2.x86_64

Note

Java may require additional packages to be installed.

l The Linux socat package is installed.

l The DNS is set up correctly. The correct DNS set up ensures that systems monitored by IDPA System Manager can resolve the IDPA System Manager hostname and Fully Qualified Domain Name (FQDN).

l The FQDN, IP, Netmask, Gateway, DNS, NTP, and time zone are configured.

l The environment is using static network settings.

Note

If you are installing IDPA System Manager on a Hyper-V virtual machine, you must use a Generation-1 Hyper-V virtual machine.

Prior to installing IDPA System Manager, ensure that an administrative user exists on the host named 'admin' and is added to a group named 'admin' .

Procedure

1. Download and save the IDPA System Manager .jar file.

Make note of the file name and directory where it is saved.

Deployment and Configuration

Deploy IDPA System Manager on a standalone server or virtual machine 19

2. Launch a terminal window.

3. Log in as the root user.

4. Change the directory to the location where the .jar file is saved

5. Start the installation by typing the following command:

java -jar .jar

Verify the deployment When the deployment is complete, to verify that IDPA System Manager was deployed successfully, perform the following steps.

Before you begin

Ensure that the virtual machine where the OVA file was deployed is powered on.

Note

IDPA System Manager is supported with Mozilla Firefox and Google Chrome.

Procedure

1. Open a browser, and then type the following in the Address field:

https://

The IDPA System Manager Login page appears.

2. In the Username field, type:

administrator@dpc.local

3. In the Password field, type:

secret

4. Click LOG IN.

The first time you log in you are required to change the password. The password requirements are as follows:

l A minimum of 9 characters.

l A maximum of 15 characters.

l At least 1 lowercase character.

l At least 1 uppercase character.

l At least 1 number.

l At least 1 of the following special characters: ! @ # $ % ^ & * ( ) - _

l The password cannot include any white space.

The IDPA System Manager Security Configuration Guide provides the steps to reset the administrator@dpc.local password.

Deployment and Configuration

20 IDPA System Manager 18.2 Getting Started Guide

Configuring LDAP Learn about LDAP requirements and configuration procedures.

IDPA System Manager supports OpenLDAP and Active Directory (AD) authentication.

You can configure LDAP during or after deploying IDPA System Manager.

The Troubleshooting chapter in the IDPA System Manager Administration Guide provides detailed troubleshooting information on diagnosing and resolving common LDAP configuration issues.

Note

LDAP without TLS protocol communicates in clear text without encryption. Secure LDAP (LDAPS) does not support communication in clear text. When you configure LDAP without TLS, to improve security, it is recommended that you use a segmented network containing only the LDAP server and the IDPA System Manager server.

Configure LDAP or AD user access Before you configure Lightweight Directory Access Protocol (LDAP) or Windows Active Directory (AD), configure the users who will access IDPA System Manager.

Perform this procedure on the server that hosts Lightweight Directory Access Protocol (LDAP) or Windows Active Directory (AD).

Procedure

1. Create an administrative user group that will contain the users who can access IDPA System Manager.

The following list describes the default containers, according to the configuration type:

l For Lightweight Directory Access Protocol (LDAP), the default user group is the OU=People folder.

l For Windows Active Directory (AD), the default user group is the OU=Users folder.

2. For AD accounts only, set the user group scope setting to Global.

Note

Users who are part of this group are granted administrative privileges to IDPA System Manager and the system management applications for any systems added to IDPA System Manager, including Single-Sign On access.

3. Add any users that require access to IDPA System Manager to the user group.

Add LDAP or AD while deploying IDPA System Manager You can configure Lightweight Directory Access Protocol (LDAP) or Windows Active Directory (AD) when you deploy IDPA System Manager.

Procedure

1. While deploying the IDPA System Manager OVA, under Configure LDAP (Optional), specify the following settings:

Deployment and Configuration

Configuring LDAP 21

l LDAP server name / IP address: Type the LDAP server name or IP address of the server where LDAP is hosted. Type the name in one of the following formats:

n Type the LDAP server name in the following format:

{ldap | ldaps}.

For example:

ldap.corp

n Type the IP address of the LDAP server. For example:

sample.dpc.local

l Configure for secure LDAP (ldaps): Select either LDAP or LDAPS, depending on the LDAP security type.

l Port number of the LDAP: Type the LDAP server port number.

l Admin user Distinguished Name (DN): Type the administrative username in the distinguished name format. For example, consider the following entry for LDAP:

uid=admin,ou=people,dc=dpc,dc=local

For example, consider the following entry for Active Directory:

cn=Administrator,dc=abc,dc=xyz,dc=com

l Admin Password: Type the password for the administrative user.

l Search Admin group name: Type the name of the user group name that contains the users who require access to IDPA System Manager. For example, if the group distinguished name is cn=dp_admin, ou=groups, dc=dpc, dc=local, specify dp_admin in the Search Admin group name field

The default user group name is dp_admin.

l Base Distinguished Name (DN): Type the domain base distinguished name. For example:

dc=dpc,dc=xyz,dc=com

l LDAP Type: Select the type of LDAP:

n Windows Active Directory (AD)

n Lightweight Directory Access Protocol (LDAP) server

2. Click Next and proceed with deploying the OVA.

Results

The administrator password is stored in the IDPA System Manager lockbox and removed from the LDAP properties file.

Deployment and Configuration

22 IDPA System Manager 18.2 Getting Started Guide

Add LDAP or AD after deploying IDPA System Manager You can optionally configure LDAP or AD after deploying IDPA System Manager.

The following roadmap describes the workflow to add LDAP or AD to IDPA System Manager.

Procedure

1. Access the IDPA System Manager system through ssh and prepare to add LDAP.

Prepare to add LDAP or AD to the IDPA System Manager system on page 23 provides information.

2. Create the LDAP properties file.

Create an LDAP properties file on page 23 and Examples of the LDAP properties file on page 25 provide information.

3. Finish adding LDAP and log in to the IDPA System Manager user interface.

Finish adding LDAP or AD and log in to the IDPA System Manager user interface on page 26 provides information.

Prepare to add LDAP or AD to the IDPA System Manager system Before you add LDAP or AD, you must access the IDPA System Manager system and stop the services.

Procedure

1. Login to the IDPA System Manager system using SSH.

2. To switch to the root user, type the following command:

su -

3. To stop the IDPA System Manager services, type the following command:

/usr/local/dpc/bin/dpc stop

After you finish

Create or edit the ldap.properties file in the /var/lib/dpc/elg/ folder to specify the values that are specific to the environment.

Create an LDAP properties file Learn how to create an LDAP properties file.

The LDAP properties file must match the exact file name of ldap.properties and be located in the /var/lib/dpc/elg/ directory.

Deployment and Configuration

Add LDAP or AD after deploying IDPA System Manager 23

Note

To quickly create an LDAP properties file, it is recommended that you copy the LDAP properties template file located at /usr/local/dpc/lib/elg/conf/ ldap.properties.example into /var/lib/dpc/elg/ldap.properties.

The following table describes the attributes that you can specify in the LDAP properties file.

Table 4 LDAP properties file attributes

Attribute Description Examples

elg.ldap.type Required. Specifies the type of LDAP environment. Specify either LDAP or AD.

elg.ldap.type=LDAP

elg.ldap.type=AD

elg.ldap.server.urls Required. Specifies the URL of the server where LDAP is hosted. Type the URL in the following format:

{ldap | ldaps}:// :

elg.ldap.server.urls=ldap:// ldap.dpc.local:389/

elg.ldap.server.urls=ldaps:// ldap.dpc.local:636/

elg.ldap.base.dn Required. Specifies the domain base distinguished name of the LDAP server.

elg.ldap.base.dn=dc=dpc,dc=local

elg.ldap.admin.dn Required. Specifies the administrative username in the base distinguished name format.

For example, consider the following entry for LDAP:

uid=admin,ou=people,dc=dpc,dc=local

For example, consider the following entry for Active Directory:

cn=Administrator,dc=abc,dc=xyz,dc=co m

elg.ldap.admin.password Required. Specifies the password for the administrative user.

After you save the file and restart the IDPA System Manager services, the password is stored in the lockbox and removed from the ldap.properties file.

elg.ldap.admin.password=changeme1

elg.ldap.group.search.name Required. For example, if the distinguished name of the group is cn=backupadmins, ou=groups,

Deployment and Configuration

24 IDPA System Manager 18.2 Getting Started Guide

Table 4 LDAP properties file attributes (continued)

Attribute Description Examples

Specifies the user group name that contains the users who require access to IDPA System Manager.

If you do not specify this attribute, the default value of dp_admin is used.

dc=dpc, dc=local, specify the group name

with the following entry:

elg.ldap.group.search.name=backupadm ins

elg.ldap.group.search.base Optional. Specifies the distinguished name of the administrator user group on the LDAP server.

NOTICE

Do not specify this attribute unless there are duplicate entries of the group name on the LDAP or AD server. If you specify this attribute when there is a single instance of a group, user authentication may fail.

If the group name specified with elg.ldap.group.search.name is

duplicated on the LDAP or AD server, then you must specify this attribute for IDPA System Manager to identify the correct instance of the group name.

When there is only one instance of the group name, IDPA System Manager automatically locates the group on the LDAP or AD server.

For example, consider the following scenario.

The LDAP server has two BackupAdmins groups in different locations. The groups have the following distinguished names:

l cn=backupadmins,ou=groups,dc=dpc ,dc=local

l cn=backupadmins,ou=groupcontaine r,dc=dpc,dc=local

You want to use the group located in the groupcontainer folder. IDPA System

Manager.

In this scenario, specify:

elg.ldap.group.search.base=ou=groupc ontainer

Examples of the LDAP properties file

Consider the following examples of the LDAP property file.

Example 1 Example LDAP properties file

elg.ldap.type=LDAP elg.ldap.server.urls=ldaps://dpc.local.domain.com:636/ elg.ldap.base.dn=dc=local,dc=domain,dc=com elg.ldap.admin.dn=uid=Admin,ou=People,dc=local,dc=domain,dc=com elg.ldap.admin.password=PgK17y5* elg.ldap.group.search.name=dp_admin

Example 2 Example LDAP properties file for active directory

elg.ldap.type=AD elg.ldap.server.urls=ldap://dpc.corp.domain.com:389/ elg.ldap.base.dn=dc=corp,dc=domain,dc=com elg.ldap.admin.dn=cn=Administrator,cn=Users,dc=sddc,dc=local

Deployment and Configuration

Add LDAP or AD after deploying IDPA System Manager 25

Example 2 Example LDAP properties file for active directory (continued)

elg.ldap.admin.password=4tHgI8fL elg.ldap.group.search.name=dp_admin

Finish adding LDAP or AD and log in to the IDPA System Manager user interface After you add the ldap.properties file, perform the following steps to complete the LDAP configuration.

Procedure

1. To assign administrator ownership on the ldap.properties file, type the following command:

chown admin:admin /var/lib/dpc/elg/ldap.properties

2. To set the protection of the ldap.properties file, type the following command:

chmod 644 /var/lib/dpc/elg/ldap.properties

3. To restart IDPA System Manager and activate the change, type the following command:

/usr/local/dpc/bin/dpc start

4. Once IDPA System Manager is started, type the following command to confirm that all of the services are active:

/usr/local/dpc/bin/dpc status

5. Launch a web browser and navigate to the IDPA System Manager address using the fully qualified domain name.

For example:

https://dpc.local.com

6. Log in to the IDPA System Manager user interface with the credentials for the LDAP user account.

Add a secure LDAP (LDAPS) certificate Learn how to add a secure LDAP (LDAPS) certificate.

Secure LDAP (LDAPs) uses TLS, and therefore requires certificate-based authentication.

Deployment and Configuration

26 IDPA System Manager 18.2 Getting Started Guide

If the LDAP server that authenticates IDPA System Manager credentials uses a non- standard certificate authority, you must add the root certificate of the authority that signed the LDAP server certificate to the IDPA System Manager keystore.

IDPA System Manager automatically uses the certificate authorities available within the standard Java keystore.

Procedure

1. To retrieve the certificate details from the LDAP server, type the following command:

/usr/local/dpc/bin/dpc trust-ldaps

The certificate details are listed. The operation prompts you to continue with adding the certificate to the keystore.

2. To add the LDAP server's certificate to the IDPA System Manager Java keystore, type y in response to the prompt.

3. After the certificate is added to the keystore, restart the IDPA System Manager services using the following commands:

/usr/local/dpc/bin/dpc stop /usr/local/dpc/bin/dpc start

Verify the LDAP or AD connection status You can verify the LDAP or AD connection status by looking for messages in the log file or on the Audit page.

Check the LDAP status in the log file Check the /var/log/dpc/elg/elg.log log file for messages about the LDAP connection status.

Messages that appear during LDAP connection failure If the following message appears, the LDAP client did not make a successful connection to the LDAP server:

2018-04-03 11:00:26,929 INFO localhost-startStop-1 c.e.c.c.SecurityConfig LDAP or AD Directory Service providers are not available

There are multiple issues that can prevent the LDAP client from connecting to the LDAP server. Look for error messages in the log file that provide more information.

The following table describes various error messages that appear during LDAP connection failures and their causes.

Table 5 LDAP communication messages

Message Cause

INFO localhost-startStop-1 c.e.c.c.SecurityConfig LDAP or AD

No LDAP or AD setting are provided or they are provided with incorrect information.

Deployment and Configuration

Verify the LDAP or AD connection status 27

Table 5 LDAP communication messages (continued)

Message Cause

Directory Service providers are not available

.ADLdapAuthenticationProvider Ignoring AD authentication. Verification of ldap settings failed. Failed to connect

Invalid AD configuration information.

.LdapAuthenticationProvider Ignoring LDAP authentication. Verification of ldap settings failed. Failed to connect

Invalid LDAP configuration information.

PKIX path building failed: java.security.cert.CertPathBuilderExce ption: Could not build a validated path

Validation of the LDAP server certificate could not be completed. One possible solution for this issue is to add the LDAP server certificate to the IDPA System Manager Java keystore.

Messages that appear during LDAP connection success Messages similar to the following appear when the LDAP client successfully connects to the LDAP server:

c.e.c.s.a.l.LDAPSecureStorage LDAP admin credentials are secured c.e.c.s.a.l.ExternalAuthenticationProvider Type: LDAP c.e.c.s.a.l.ExternalAuthenticationProvider Base DN: dc=mydomain,dc=com c.e.c.s.a.l.ExternalAuthenticationProvider Admin user DN: cn=Administrator,dc=my-domain,dc=com c.e.c.s.a.l.ExternalAuthenticationProvider User Base: ou=people c.e.c.s.a.l.ExternalAuthenticationProvider User Search DN: (|(uid={0}) (cn={0})) c.e.c.s.a.l.ExternalAuthenticationProvider User Pattern DN: [] c.e.c.s.a.l.ExternalAuthenticationProvider Group Name: dp_admin c.e.c.s.a.l.ExternalAuthenticationProvider Group Search Base: ou=group c.e.c.s.a.l.ExternalAuthenticationProvider Group Search Filter: (&(member={0})(cn=dp_admin)) o.s.s.l.DefaultSpringSecurityContextSource URL 'ldap:// 12.3.104.150:546/dc=my-domain,dc=com', root DN is 'dc=mydomain,dc=com' 12.3.104.150:546/dc=my-domain,dc=com', root DN is 'dc=mydomain,dc=com'

Check the LDAP status on the Audit page You can verify the success of the LDAP configuration on the IDPA System Manager Audit page.

If LDAP configuration is successful, you can log into the IDPA System Manager web user interface with an LDAP account. If configuration fails, login to IDPA System Manager using the administrator@dpc.local account and browse to the Audit for details.

The Audit page shows the overall status of the operation and the status of each individual sub-task. You can use this information to locate the point in the operation that caused the LDAP configuration to fail.

The following figure shows an example of an LDAP configuration activity on the Audit page.

Deployment and Configuration

28 IDPA System Manager 18.2 Getting Started Guide

Figure 1 LDAP configuration activities on the Audit page

Configuring Network Time Protocol IDPA System Manager utilizes a Network Time Protocol (NTP) server to update system time.

To ensure that IDPA System Manager can use single sign-on (SSO) to launch system management applications, you must configure IDPA System Manager and all monitored systems with the same NTP server and disable VMware time sync.

Configuring Network Time Protocol during IDPA System Manager OVA deployment

To configure Network Time Protocol during IDPA System Manager OVA deployment, use the NTP Server field to specify up to three Network Time Protocol (NTP) servers. Separate server names with commas.

If an NTP server is configured during deployment, VMware time sync is disabled by default.

Configuring Network Time Protocol after IDPA System Manager deployment If an NTP server was not configured during IDPA System Manager deployment, you must configure an NTP server after deployment

Procedure

1. Add the NTP server to the /etc/ntp.conf file.

2. Disable VMware time sync using the following command:

/usr/bin/vmware-toolbox-cmd timesync disable

3. Validate VMware time sync is disabled using the following command:

/usr/bin/vmware-toolbox-cmd timesync status

Deployment and Configuration

Configuring Network Time Protocol 29

Access control Access control settings provide protection of resources against unauthorized access.

Pre-loaded accounts The following table describes the pre-loaded IDPA System Manager accounts.

Table 6 Pre-loaded accounts

User account Description

IDPA System Manager administrator

The default user for IDPA System Manager web application administration.

Linux operating system admin The default user for IDPA System Manager operating system level administration. This account is for OVA deployments only.

Note

Only the Linux OS admin can log in using a secure shell (ssh).

Linux operating system root The root operation system account. This account is for OVA deployments only.

Certificate management IDPA System Manager uses certificates for secure http access (https).

By default, IDPA System Manager generates a default SSL self-signed certificate in the following location:

/var/lib/dpc/webcerts The self-signed certificate is sufficient to establish an encrypted channel between web browsers and the server. The self-signed certificate cannot be used for authentication.

You can use the following types of certificates for IDPA System Manager authentication:

l A self-signed certificate.

l A certificate that is signed by a trusted certificate authority (CA) vendor.

Note

Consider company policies when creating certificates.

Deployment and Configuration

30 IDPA System Manager 18.2 Getting Started Guide

Generate a self-signed certificate To enable a secure browser connection, create a private key and a self-signed certificate.

Procedure

1. To connect to the IDPA System Manager server as an admin user, run the following command:

ssh admin@SERVER

2. To change to the root user, run the following command:

su -

3. To change the directory to /var/lib/dpc/webcerts, run the following command:

cd /var/lib/dpc/webcerts

4. To generate a new certificate, run the following command:

openssl req -newkey rsa:2048 -sha256 -x509 -keyout private- key.pem -out cert.pem -nodes -days 3650

5. Set the owner and group of the new certificate files to the following:

chown admin *.pem

6. Restart NGINX.

systemctl restart nginx

7. To verify the new self-signed certificate, browse IDPA System Manager.

Generate a Certificate Signing Request To enable a secure browser connection, generate a Certificate Signing Request (CSR).

Procedure

1. To connect to the IDPA System Manager server as an admin user, type the following command:

ssh admin@SERVER

Deployment and Configuration

Generate a self-signed certificate 31

2. To change to the root user, type the following command:

su -

3. To change the directory to /var/lib/dpc/webcerts, type the following command:

cd /var/lib/dpc/webcerts

4. To generate a new certificate using the private key at the self-sign step, type the following command:

openssl req -newkey rsa:2048 -sha256 -key private-key.pem - out cert.csr

5. Send the cert.csr to a certificate authority (CA) vendor.

6. Replace the current cert.pem file to the certificate received from the CA vendor.

7. Restart NGINX.

systemctl restart nginx

8. To verify the new certificate, browse IDPA System Manager.

Deployment and Configuration

32 IDPA System Manager 18.2 Getting Started Guide

CHAPTER 3

Getting Started with Administration

Learn about how to get started with administering IDPA System Manager.

Note

For comprehensive information about IDPA System Manager administration, refer to the IDPA System Manager Administration Guide.

Topics include:

l Log in to IDPA System Manager.........................................................................34 l User interface.................................................................................................... 34 l Dashboards overview......................................................................................... 38 l Health overview................................................................................................. 38 l Alerts overview.................................................................................................. 38 l Capacity overview..............................................................................................39 l Activities overview............................................................................................. 39 l Audit overview................................................................................................... 39 l System management overview.......................................................................... 39 l Search and recover overview............................................................................. 39 l Reports overview............................................................................................... 40

Getting Started with Administration 33

Log in to IDPA System Manager To use the IDPA System Manager monitoring and management features, log in to the user interface.

Procedure

1. In a browser address bar, type https://, and then the FQDN or IP address of the IDPA System Manager server.

2. In the Username field, type a valid username. The default web browser account is:

administrator@dpc.local

3. In the Password field, type the password for the user. The web browser account password is:

secret

4. Click LOG IN.

If this is the first time you are logging in to IDPA System Manager, you are prompted to change the password.

User interface The IDPA System Manager user interface includes the following components.

Header The header includes the following components:

l Active Filter button: This button enables you to filter the information that appears on a page by one or more systems, groups, or tags. The Active Filter button appears only on pages where you can filter information.

l User menu: This menu enables you to change the password or log out of IDPA System Manager.

l About button: This button enables you to view IDPA System Manager version information.

Figure 2 Header

User menu The User menu provides the capability for you to perform user tasks.

To perform the following user tasks, use the User menu:

l Change a password.

Getting Started with Administration

34 IDPA System Manager 18.2 Getting Started Guide

Note

If an external LDAP or AD user is logged in to the IDPA System Manager environment, change password is not supported.

l Log out of the user interface.

Figure 3 User menu

Left menu The left menu provides the capability for you to browse the user interface.

From the left menu, you can access the following IDPA System Manager features:

l Dashboard

l Health

l Alerts

l Capacity

l Asset Activities

l Job Activities

l System Management

l Asset Inventory

l Audit

l Search and Recovery

l Reports

Pages IDPA System Manager presents information in dashboards and detail pages.

Dashboard pages provide at a glance insight into operational behavior.

Detail pages display focused information and provide the capability for you to perform IDPA System Manager tasks.

Master and Detail panes Most IDPA System Manager pages are composed of a Master and Detail pane.

The Master pane appears on the left side of a page and displays information in a table format. The Detail pane appears on the right side of a page and displays additional information for a selected row in a table. The Detail pane may also include buttons that you can use to perform tasks that are specific to the selected row in the table.

Getting Started with Administration

Left menu 35

Changing dashboards Click the Dashboard drop-down list to select a different dashboard.

Filtering IDPA System Manager includes filtering capabilities. Filtering allows you to customize the information that appears.

The following filter types are available for you to use:

l Column filters: Appear in table headers.

l Domain Filter: Appears in the Policies, Retentions, Schedules, and Datasets pages for Avamar only.

l Active Filter: Appears in the user interface header.

l Asset Filter: Appears as a search bar on the Asset Inventory page.

l Widget Filter: Appears in widgets on the dashboard.

Column filters

Column filters can be used to filter the information that appears in tables.

Domain Filter

The Domain Filter can be used to select the domains that you want to view in the Policies, Retentions, Schedules, and Datasets pages for Avamar only.

Asset Filter

The Asset Filter can be used to filter assets listed on the Asset Inventory page. The Asset Filter search bar enables you to filter assets using a search phrase such as an asset tag, operating system, plugin, or asset name.

Active Filter

The Active Filter can be used to filter by one or more systems, system groups, or, on the Asset Inventory page only, by asset tags.

The Active Filter appears in on the following pages:

l Health

l Alerts

l Capacity

l Job Activities

l Asset Activities

l Asset Inventory

To filter certain items with the Active Filter, move one or more systems or system groups to the Filtered By pane.

When the Active Filter is enabled, a white filter icon appears enclosed in a circle in the header

Widget Filter

The Widget Filter can be used to refine the information that appears in a widget.

All types of widgets include a Widget Filter that enables you to filter the information reported in that widget by time range, system, system groups, or, for asset specific widgets, by asset tags.

Getting Started with Administration

36 IDPA System Manager 18.2 Getting Started Guide

Several widgets allow you to filter by time range. You can specify one of the following options:

l Last Hour

l Last 24 hours

l Last 7 days

l All Available

The Activities Trend widget also allows you to select whether to include the present day in the data for the past week.

The Activities Count and Activities Trend widgets allow you to choose to view activities information at the job or asset level. Also, these widgets allow you to pick whether to display backup activities, replication activities, or both.

When you use a dashboard widget to access a page, the information that is displayed is automatically filtered based on the widget filter settings.

Any active filters that are applied to a page, are listed in the filtered by section that appears at the top of the table.

Monitoring data is stored for 90 days. The All Available option is limited to data stored within the last 90 days.

Sort information that is displayed in tables Information that is displayed in tables can be sorted in ascending or descending order.

To sort information, click a column heading.

After you click the column heading, an arrow appears. An up-arrow indicates that the column data is sorted in ascending order. A down-arrow indicates that the column data is sorted in descending order.

Dialog boxes Dialog boxes can appear with information about a specific task. Dialog boxes can also appear for questions that require a decision.

Notification bar To inform you of completed events or to alert you of issues that may require attention, notifications may appear in a bar across the top of the IDPA System Manager interface.

Figure 4 Example notification

Getting Started with Administration

Sort information that is displayed in tables 37

Overflow button Overflow buttons can appear within the user interface. When you click an Overflow button, a menu of available operations appears.

Figure 5 Overflow button

Dashboards overview IDPA System Manager dashboards provide at-a-glance insight into systems and activities.

Dashboard widgets include key performance indicators that display the following types of system information:

l Backup Activities

l Replication Activities

l Trends

l Assets

l Capacity

l Health

l Alerts

From dashboard widgets, you can drill down into specific areas of interest.

All dashboard widgets have customizable settings. The customizable settings vary based on each widget. Certain widgets allow you to change the view, activity type, and time range. All widgets include a widget filter that you can use to filter by systems and groups. The widget filter also can filter by assets when available for a widget .

You can customize the dashboard layout to your preference by changing the widget type. Individualized dashboard settings are stored for each user. You can add, edit, and delete custom dashboards. Each user can create and store up to 20 dashboards.

Health overview IDPA System Manager tracks various criteria to determine system health status, including communication, alerts, SSO, and capacity for systems that are configured in IDPA System Manager.

This information is used to determine the overall health state of the system. The health status is reported on the Health page.

Alerts overview To view and manage alerts for IDPA System Manager and all systems, visit the Alerts page.

IDPA System Manager maps alerts from systems to three alert levels: Error, Warning, or Informational.

Getting Started with Administration

38 IDPA System Manager 18.2 Getting Started Guide

Capacity overview Capacity monitoring can keep you aware of unexpected data growth that may cause downstream failures.

To view the capacity state of all Avamar and Data Domain systems that are configured in IDPA System Manager, visit the Capacity page.

Activities overview IDPA System Manager Activities include system activities at the job and asset level.

System activity includes information about backup and replication activities for Avamar systems connected to IDPA System Manager.

Audit overview Audit information includes actions and tasks that IDPA System Manager users have performed. The audit information can also be used to track the status of long running tasks.

View audit information on the Audit page.

System management overview The System Management page provides the capability for you to add, edit, remove, and manage systems and groups in IDPA System Manager.

The following list includes the system management capabilities that are available in IDPA System Manager:

l Add, edit, and delete Avamar, Data Domain, Data Protection Advisor, and Search systems.

l Organize systems into groups, including the ability to add, edit, and delete groups.

l View system information.

l Launch the native management application for the system.

l For Avamar systems:

n View, add, edit, and delete policies, retentions, schedules, and datasets.

n Add clients and proxies to policies.

n Perform a backup of a policy.

l When an Avamar system is not reporting, you can reactivate messaging.

Search and recover overview IDPA System Manager integrates with Search to provide you with the ability to perform complex search and recover operations.

IDPA System Manager launches Search in a new browser window.

For information about how to use Search, refer to the Search documentation set.

Getting Started with Administration

Capacity overview 39

Note

To take full advantage of IDPA System Manager capabilities, it is recommended that all systems that are configured in Search also be configured in IDPA System Manager.

Reports overview IDPA System Manager provides the capability for you to run 11 of the most used Data Protection Advisor reports for Avamar and Data Domain systems.

IDPA System Manager reporting features require you to have Data Protection Advisor system configured with IDPA System Manager.

For more information about Data Protection Advisor, refer to the Data Protection Advisor documentation set.

You can run, and then view these reports directly in the IDPA System Manager user interface. You can also specify the reporting period for these reports within the IDPA System Manager interface.

Note

To take full advantage of IDPA System Manager capabilities, it is recommended that all systems that are configured in Data Protection Advisor also be configured in IDPA System Manager.

Getting Started with Administration

40 IDPA System Manager 18.2 Getting Started Guide

CHAPTER 4

Adding Systems to IDPA System Manager

Learn about how to add data protection systems to IDPA System Manager.

Note

For information about editing systems and troubleshooting, refer to the IDPA System Manager Administration Guide.

Topics include:

l Add an Avamar system.......................................................................................42 l Add a Data Domain System................................................................................ 43 l Add a Data Protection Advisor system............................................................... 43 l Add a Search system..........................................................................................44

Adding Systems to IDPA System Manager 41

Add an Avamar system To use IDPA System Manager to monitor and manage Avamar systems, add one or more Avamar systems.

Procedure

1. In the Left menu, select System Management.

2.

Click .

The Add System window appears.

3. On the Select System Type page, select Avamar, and then click Next.

4. On the Connection Information page, specify the following information:

l Name: Specify a name that helps identify the system.

l Hostname: Specify the fully qualified domain name (FQDN) of the Avamar system.

l Avamar Username: Specify the username of the Avamar system. For Avamar Administrator, the username is MCUser.

l Avamar Password: Specify the password for the Avamar system user interface.

l OS Root password: Specify the OS root password.

5. (Optional) To specify optional fields, click Show optional fields, and then specify the following information, as required:

l Port: Specify the Avamar MCS port. The default value is 9443. To specify the default value, leave this field blank.

Note

When you add a system to IDPA System Manager that uses a non-standard port, you must modify the IDPA System Manager firewall to allow communication with that port. The IDPA System Manager Security Configuration Guide provides instructions.

l Override MCGUI URL: Specify an alternate URL destination for the AVAMAR ADMINISTRATOR button. To override the AVAMAR ADMINISTRATOR link to direct to the AUI, type https:// /aui.

6. Click Next.

7. On the Certificate Verification page, to ensure that you are adding the correct system, verify that the certificate information being displayed matches the exact certificate on the Avamar system.

8. Once you have confirmed that the certificate information is correct, select Accept Certificate, and then click SAVE.

IDPA System Manager does not validate the certificate and uses the certificate that you verify to connect with the system. If the remote system's certificate changes, IDPA System Manager will refuse to connect with the system.

Adding Systems to IDPA System Manager

42 IDPA System Manager 18.2 Getting Started Guide

In this scenario, edit the system on the IDPA System Manager System Management page to verify the new certificate details.

Add a Data Domain System Procedure

1. In the Left menu, select System Management.

2.

Click .

The Add System window appears.

3. On the Select System Type page, select Data Domain, and then click Next.

4. On the Connection Information page, specify the following information:

l Name: Specify a name that helps identify the system.

l Hostname: Specify the Fully Qualified Domain Name (FQDN) of the Data Domain system.

l Username: Specify the Data Domain administrator username.

l Password: Specify the Data Domain administrator password.

5. Click Next.

6. On the Certificate Verification page, to ensure that you are adding the correct system, verify that the certificate information being displayed matches the certificate on the Data Domain system.

7. Once you have confirmed that the certificate information is correct, select Accept Certificate, and then click SAVE.

IDPA System Manager does not validate the certificate and uses the certificate that you verify to connect with the system. If the remote system's certificate changes, IDPA System Manager will refuse to connect with the system.

In this scenario, edit the system on the IDPA System Manager System Management page to verify the new certificate details.

Add a Data Protection Advisor system To use the IDPA System Manager reporting features, you must add a Data Protection Advisor system.

Procedure

1. In the Left menu, select System Management.

2.

Click .

The Add System dialog box appears.

3. On the Select System Type page, select Data Protection Advisor, and then click Next.

4. On the Connection Information page, specify the following information:

l Name: Specify a name that helps identify the system.

l Hostname: Specify the fully qualified domain name (FQDN) of the Data Protection Advisor system.

Adding Systems to IDPA System Manager

Add a Data Domain System 43

l Username: Specify the Data Protection Advisor Administrator username.

l Password: Specify the Data Protection Advisor Administrator password.

5. (Optional) To specify a non-default Data Protection Advisor port number, click Show optional fields, and then type the port number in the Port field.

Note

When you add a system to IDPA System Manager that uses a non-standard port, you must modify the IDPA System Manager firewall to allow communication with that port. The IDPA System Manager Security Configuration Guide provides instructions.

6. Click Next.

7. On the Certificate Verification page, to ensure that you are adding the correct system, verify that the certificate information being displayed matches the certificate on the Data Protection Advisor system.

8. Once you have confirmed that the certificate information is correct, select Accept Certificate, and then click SAVE.

IDPA System Manager does not validate the certificate and uses the certificate that you verify to connect with the system. If the remote system's certificate changes, IDPA System Manager will refuse to connect with the system.

In this scenario, edit the system on the IDPA System Manager System Management page to verify the new certificate details.

Add a Search system To perform advanced search and recover operations, you must add a Search system.

Procedure

1. In the Left menu, select System Management.

2.

Click .

The Add System window appears.

3. On the Select System Type page, select Data Protection Search, and then click Next.

4. On the Connection Information page, specify the following information:

l Name: Specify a name that helps identify the Search system.

l Hostname: Specify the fully qualified domain name (FQDN) of the Search system.

l Username: Specify the Search Administrator username.

l Password: Specify the Search Administrator password.

5. (Optional) To specify optional fields, click Show optional fields, and then specify the following information, as required:

l Admin Rest API Port: Specify the Search REST API port. The default value is 448.

l Search UI Port: Specify the Search UI port. The default value is 443.

Adding Systems to IDPA System Manager

44 IDPA System Manager 18.2 Getting Started Guide

Note

When you add a system to IDPA System Manager that uses a non-standard port, you must modify the IDPA System Manager firewall to allow communication with that port. The IDPA System Manager Security Configuration Guide provides instructions.

6. Click Next.

7. On the Certificate Verification page, to ensure that you are adding the correct system, verify that the certificate information being displayed matches the certificate on the Search system.

8. Once you have confirmed that the certificate information is correct, select Accept Certificate, and then click SAVE.

IDPA System Manager does not validate the certificate and uses the certificate that you verify to connect with the system. If the remote system's certificate changes, IDPA System Manager will refuse to connect with the system.

In this scenario, edit the system on the IDPA System Manager System Management page to verify the new certificate details.

Adding Systems to IDPA System Manager

Add a Search system 45

Manualsnet FAQs

If you want to find out how the 18.2 Dell works, you can view and download the Dell PowerProtect 18.2 Data Protection Getting Started Guide on the Manualsnet website.

Yes, we have the Getting Started Guide for Dell 18.2 as well as other Dell manuals. All you need to do is to use our search bar and find the user manual that you are looking for.

The Getting Started Guide should include all the details that are needed to use a Dell 18.2. Full manuals and user guide PDFs can be downloaded from Manualsnet.com.

The best way to navigate the Dell PowerProtect 18.2 Data Protection Getting Started Guide is by checking the Table of Contents at the top of the page where available. This allows you to navigate a manual by jumping to the section you are looking for.

This Dell PowerProtect 18.2 Data Protection Getting Started Guide consists of sections like Table of Contents, to name a few. For easier navigation, use the Table of Contents in the upper left corner.

You can download Dell PowerProtect 18.2 Data Protection Getting Started Guide free of charge simply by clicking the “download” button in the upper right corner of any manuals page. This feature allows you to download any manual in a couple of seconds and is generally in PDF format. You can also save a manual for later by adding it to your saved documents in the user profile.

To be able to print Dell PowerProtect 18.2 Data Protection Getting Started Guide, simply download the document to your computer. Once downloaded, open the PDF file and print the Dell PowerProtect 18.2 Data Protection Getting Started Guide as you would any other document. This can usually be achieved by clicking on “File” and then “Print” from the menu bar.